D-Link NetDefend DFL-210 User Manual page 236
Network security firewall ver 2.26.01
Hide thumbs
Also See for NetDefend DFL-210:
- Log reference manual (476 pages) ,
- User manual (469 pages) ,
- Cli reference manual (213 pages)
Table of Contents
Advertisement
6.2.8. The SIP ALG
The complexity is increased in this scenario since SIP messages flow across three interfaces: the
receiving interface from the call initiator, the DMZ interface towards the proxy and the destination
interface towards the call terminator. This the initial messages exchanges that take place when a call
is setup in this scenario are illustrated below:
The exchanges illustrated are as follows:
•
1,2 - An initial INVITE is sent to the outbound local proxy server on the DMZ.
•
3,4 - The proxy server sends the SIP messages towards the destination on the Internet.
•
5,6 - A remote client or proxy server replies to the local proxy server.
•
7,8 - The local proxy forwards the reply to the local client.
This scenario can be implemented in a topology hiding setup with DMZ (Solution A below) as well
as a setup without NAT (Solution B below).
Solution A - Using NAT
The following should be noted about this setup:
236
Chapter 6. Security Mechanisms
Advertisement
Table of Contents
Troubleshooting
